Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-1254Improper Restriction of Operations within the Bounds of a Memory Buffer in Winrar

4 documents4 sources
Severity
10.0CRITICALNVD
EPSS
5.2%
top 10.06%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Rarlab Winrar
Timeline
PublishedJan 10
Latest updateApr 29

Description

WinRAR 3.40, and possibly earlier versions, allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, possibly causing an integer overflow that leads to a buffer overflow.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDrarlab/winrar8 versions+7

🔴Vulnerability Details

2
GHSA
GHSA-cvq2-4mh6-ww77: WinRAR 32022-04-29
CVEList
CVE-2004-1254: WinRAR 32004-12-22

💥Exploits & PoCs

1
Exploit-DB
WinRAR 3.4.1 - Corrupt '.ZIP' File2004-12-16
CVE-2004-1254 — Rarlab Winrar vulnerability | cvebase